KEEP OUT!

When an Intrusion Detection System (IDS) recognizes an attack, it issues a strict “keep out” order to block the intruder’s access to services. Unfortunately, other systems on the network might not benefit from this block. The Recent module by Netfilter dynamically updates the firewall access rules to create a temporary “bad guy” list. You can then configure the firewall rules so that an IP address that breaks a rule is temporarily prevented from any form of access. Recent also comes with special features for fighting port scans, and you can combine the Recent module with an external application such as Snort to create a fast and effective framework for detecting and closing out network attacks.

Linux has a fantastic selection of firewalls for securing stand-alone computers or whole networks. Although you can use IPTables to set up a firewall, the configuration is often the most difficult step. KMyFirewall offers a powerful, user-friendly, GUI-based approach.